We performed a comparison between Securonix Next-Gen SIEM and Symantec Identity Governance and Administration based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The main benefit is the ease of integration."
"Its console is very easy to use and configure. It is very intuitive for our use cases. App integrations are also pretty nice."
"Risk scoring was nice. We could exactly see which user had the highest risk score, and then we could pick it up and work on it."
"I rate the technical support a nine out of ten. They're friendly. Whenever we have a P1 issue, we write an email and our issue is resolved in one or two hours."
"The most valuable feature is being able to look at users' behavioral profiles to see what they typically access. One of the key events that we monitor is people's downloading of objects... It's very easy to see people's patterns, what they typically do."
"There aren't any positive aspects of the solution. It was a complete failure. There are no redeeming features."
"The machine-learning algorithms are the most valuable feature because they're able to identify the 'needle in the haystack.'"
"The UEBA functionality indicates a lot about behaviors that are not found through a traditional SIEM. We have exploited that more than anything since we started using it."
"The second feature is that within the SNYPR product there is a functionality called Spotter. We use that for link analysis diagrams and to run the stats command. That's extremely useful because it replaces a tedious, manual process we used to use, using Microsoft Excel and a couple of other methods, to bring data together."
"Streamlines user access, consolidates applications."
"Word mining and risk campaigns are the most valuable features of this solution."
"It is easy to use, and does not requires an extensive programming or development background."
"Governance."
"I like that it is easy to diagnose. It has a version of a virtual appliance so we can download it, run it, configure it, and it would take about 10 to 15 minutes to configure the cluster or so."
"The product’s most valuable feature is flexibility. It can be customized as per the customer’s requirements."
"The most valuable aspects of Symantec Identity Governance and Administration are all the features, it is the most complete solution on the market. It has features, such as scanners and portals, it has everything."
"What I found most valuable in Symantec Identity Governance and Administration is its simple GUI. It's also easy to deploy compared to other products. With other products, you have to install the Windows version inside the Windows machine on all units, but with Symantec Identity Governance and Administration, it can work offline, so the solution is a little bit easier than other systems."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"I think the number one area of improvement for Sentinel would be the cost."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"We would like a little more face-to-face training. Securonix has several tutorials on its website, but we want there to be a person in Colombia who does training or workshops to give us a better understanding of the platform."
"Sometimes, there is instability in the data in terms of the customization of the time. I have sometimes observed discrepancies in the data, which is something they should work on. They should bring more stability to time customization. If we are seeing a particular data, when we change the time zone, there should be the same data. There should not be any discrepancy."
"The pricing. I'm not sure how they are proceeding with the identity based pricing compared with DB pricing which most of the vendors are using today."
"The analytics-driven approach for finding sophisticated threats and reducing false positives is positive and good, but the platform requires a more dynamic concept. Everything is a bit static."
"We have compliance needs. We have investigation needs. And we have situations where an analyst needs to look at threats. These three things require a different view of how they look at the threats. What would be good is to have Securonix create three different views of their Security Command Center so that, depending on the persona of the person logging in, they'd get the relevant data they need and not see everything."
"One of the things they can improve on a little bit is the usability side, to make some things simpler... The tool does have a lot of knobs, you can turn a lot of things on and off and you can change things. Sometimes, it can become a little overwhelming. They should remove some confirmation options and make it simpler for the less mature customers and people who are still trying to grasp it."
"The solution could provide more automation."
"Other than issues with the training, there have been issues with the encryption. There have also been issues with some of the reporting, minor glitches that they have fixed as they've gone along."
"The drawback with the CA Identity Manager is they don't have a connector to HR systems like SAP, or PeopleSoft, or Workday. That's a major drawback with the CA Identity Manager. For that we have to do lots of custom quoting to get data from HR systems. And if they could connect it to GRC systems, that's good to have in an identity product."
"Provisioning has a dependency on Windows."
"They provide a framework to develop your own connectors. A connector is a piece of software that integrates with the solutions that are not a part of the support matrix. Currently, it is difficult to create these connectors in this solution. Other solutions, such as NetIQ Identity, provide a better way to create your own connector. Currently, there is no cloud version. It should have a cloud version."
"Although the capabilities are there, the user interface needs to be redesigned and the opportunities for integration should be improved."
"In the next release, there should be provisioning of your certifications."
"The development process to create this connector is not as easy as I would like."
"The Identity tool needs to do more kinds of reporting for audit purposes. It doesn't really track any of the metrics that are useful to us, at this point."
"The directory has room for improvement. Also, the dashboards and, in particular, the KPI dashboard that shows the current user’s information needs reworking."
More Symantec Identity Governance and Administration Pricing and Cost Advice →
Securonix Next-Gen SIEM is ranked 7th in Security Information and Event Management (SIEM) with 27 reviews while Symantec Identity Governance and Administration is ranked 20th in Identity Management (IM) with 65 reviews. Securonix Next-Gen SIEM is rated 8.6, while Symantec Identity Governance and Administration is rated 7.6. The top reviewer of Securonix Next-Gen SIEM writes "Spotter tool has helped us eliminate many hours required to manually create link analysis diagrams". On the other hand, the top reviewer of Symantec Identity Governance and Administration writes "Works well on-premises and has partial capabilities but lacks many feaures". Securonix Next-Gen SIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Exabeam Fusion SIEM and Seceon Open Threat Management Platform, whereas Symantec Identity Governance and Administration is most compared with SailPoint IdentityIQ, AlertEnterprise Enterprise Guardian, SAP Identity Management, Microsoft Identity Manager and Cisco ISE (Identity Services Engine).
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
